Re: [exim] rogue connections to broadcast addresses

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Giuliano Gavazzi
Data:  
Para: Leonardo Boselli, exim-users
CC: 
Assunto: Re: [exim] rogue connections to broadcast addresses
At 2:04 pm +0200 2004/10/03, Leonardo Boselli wrote:
>I got a lot of activity sending e-mail (bounce errors) to
>allmarts.com matmail.com and arthlink.net .


bounce errors??! You should have not accepted those (as they give a
local error I suppose). A simple verify sender with the appropriate
ignore_target_hosts, as pointed out by Dominik, would have
accomplished this even without the local error.


>These two domains have an MX pointing to 192.168.255.255


three...

>that is not very legal, also becouse it is the broadcast address of a
>reserved subnet ...
>being such address packets leave the server, but connection never
>come back. This locks the server with a lot of open conenctions, with
>the results that often squid ends working having no free ports.
>Is there a way to avoid this problem, other than asking the dns
>maintainer for these domains to correct

[...]

why do you want to ask them? Just deny.

g